Jamf Firewall management to allow Zscaler processes

Jschribs
New Contributor

I am setting up Zscaler for my Org and this requires adding several processes to the macOS native firewall. We are hoping to use Jamf for this; however, we seem to be limited by Zscaler not knowing the bundle ID of their products, as well as the format not meshing well with the Jamf Firewall allowlist. Has anyone configured this in the past?

I'm looking to allow the following: (from https://help.zscaler.com/client-connector/zscaler-client-connector-processes-allowlist)

  • Zscaler: Inbound
  • Zscaler: Outbound
  • ZscalerService: Inbound
  • ZscalerService: Outbound
  • ZscalerTunnel: Inbound
  • ZscalerTunnel: Outbound
  • ZscalerUpdater: Outbound
  • UPMServiceController: Inbound
  • UPMServiceController: Outbound
  • /Applications/Zscaler/.Updater/autoupdate-osx.app/Contents/MacOS/ZscalerUpdater: Inbound
  • /Applications/Zscaler/.Updater/autoupdate-osx.app/Contents/MacOS/ZscalerUpdater: Outbound
  • /Library/Application Support/Zscaler/ZDP/bin/zdpd: Outbound
  • /Library/Application Support/Zscaler/ZDP: Inbound
  • /Library/Application Support/Zscaler/ZDP: Outbound

AJPinto
Honored Contributor III

Are you actually using Jamf to manage your firewall? I recommend looking into using Zscaler's packet filter. MDM is really not the right tool to manage the OS firewall, and only the most basic functionality is built into the MDM Framework; most of the firewall tools are in the Security Framework.